TY - JOUR
AB - The use of static analysis security testing (SAST) tools has been increasing in recent years. However, previous studies have shown that, when shipped to end users such as development or security teams, the findings of these tools are often unsatisfying. Users report high numbers of false positives or long analysis times, making the tools unusable in the daily workflow. To address this, SAST tool creators provide a wide range of configuration options, such as customization of rules through domain-specific languages or specification of the application-specific analysis scope. In this paper, we study the configuration space of selected existing SAST tools when used within the integrated development environment (IDE). We focus on the configuration options that impact three dimensions, for which a trade-off is unavoidable, i.e., precision, recall, and analysis runtime. We perform a between-subjects user study with 40 users from multiple development and security teams - to our knowledge, the largest population for this kind of user study in the software engineering community. The results show that users who configure SAST tools are more effective in resolving security vulnerabilities detected by the tools than those using the default configuration. Based on post-study interviews, we identify common strategies that users have while configuring the SAST tools to provide further insights for tool creators. Finally, an evaluation of the configuration options of two commercial SAST tools, Fortify and CheckMarx, reveals that a quarter of the users do not understand the configuration options provided. The configuration options that are found most useful relate to the analysis scope.
AU - Piskachev, Goran
AU - Becker, Matthias
AU - Bodden, Eric
ID - 49439
IS - 5
JF - Empirical Software Engineering
KW - Software
SN - 1382-3256
TI - Can the configuration of static analyses make resolving security vulnerabilities more effective? - A user study
VL - 28
ER -

TY - CHAP
AU - Richter, Susanne
ID - 51789
T2 - Verhandlungen des 41. Kongresses der Deutschen Gesellschaft für Soziologie in Bielefeld 2022
TI - Cancel Culture als Arena politisierter Wissenskonflikte Am Beispiel einer Debatte um rassistische Begriffe im Sommer 2022
ER -

TY - CHAP
AU - Götte, Thorsten
AU - Knollmann, Till
AU - Meyer auf der Heide, Friedhelm
AU - Scheideler, Christian
AU - Werthmann, Julian
ED - Haake, Claus-Jochen
ED - Meyer auf der Heide, Friedhelm
ED - Platzner, Marco
ED - Wachsmuth, Henning
ED - Wehrheim, Heike
ID - 45875
T2 - On-The-Fly Computing -- Individualized IT-services in dynamic markets
TI - Capabilities and Limitations of Local Strategies in Dynamic Networks
VL - 412
ER -

TY - JOUR
AU - Ebersold, Felix
AU - Hechelmann, Ron-Hendrik
AU - Holzapfel, Peter
AU - Meschede, Henning
ID - 49565
JF - Energy Conversion and Management: X
KW - Energy Engineering and Power Technology
KW - Fuel Technology
KW - Nuclear Energy and Engineering
KW - Renewable Energy
KW - Sustainability and the Environment
SN - 2590-1745
TI - Carbon insetting as a measure to raise supply chain energy efficiency potentials: Opportunities and challenges
VL - 20
ER -

TY - CHAP
AU - Akbulut Irmak, Emine Fulya
AU - Hanses, Hendrik
AU - Horwath, Ilona
AU - Tröster, Thomas
ID - 48643
SN - 2703-1543
T2 - Climate Protection, Resource Efficiency, and Sustainable Engineering
TI - Case Study III: Challenges of lightweight design, vehicles, and rescuers
ER -

TY - CHAP
AU - Menge, Dennis
AU - Milaege, Dennis
AU - Hoyer, Kay-Peter
AU - Schmid, Hans-Joachim
AU - Schaper, Mirko
ED - Horwath, Illona
ED - Schweizer, Swetlana
ID - 46870
SN - 2703-1543
T2 - Climate Protection, Resource Efficiency, and Sustainable Engineering
TI - Case Study IV: Individualized Medical Technology using Additive Manufacturing
ER -

TY - JOUR
AB - DNA origami nanostructures have emerged as functional materials for applications in various areas of science and technology. In particular, the transfer of the DNA origami shape into inorganic materials using...
AU - Pothineni, Bhanu Kiran
AU - Grundmeier, Guido
AU - Keller, Adrian
ID - 46061
JF - Nanoscale
KW - General Materials Science
SN - 2040-3364
TI - Cation-dependent assembly of hexagonal DNA origami lattices on SiO2 surfaces
ER -

TY - GEN
AU - Rüther, Torben
AU - Schmid, Hans-Joachim
ID - 43236
KW - CDMA
TI - CDMA: Centrifugal Differential Mobility Analyzer - Ein Messprinzip zur Bestimmung von Multidimensionalen Partikeleigenschaften (Vortrag)
ER -

TY - GEN
AU - Krimphove, Dieter
ID - 36445
T2 - Manz Online
TI - CE-Kennzeichnung
ER -

TY - GEN
AU - Hollenhorst, Viola
AU - Kenig, Eugeny Y.
ID - 43047
TI - CFD-Untersuchungen der Fluiddynamik und des Wärmetransports an rauen Oberflächen
ER -